2020-11-06 11:02:26 +08:00
|
|
|
|
package ipadmin
|
|
|
|
|
|
|
2020-11-06 11:30:35 +08:00
|
|
|
|
import (
|
|
|
|
|
|
"encoding/json"
|
|
|
|
|
|
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
|
2023-06-30 18:08:30 +08:00
|
|
|
|
"github.com/TeaOSLab/EdgeCommon/pkg/langs/codes"
|
2020-12-23 09:52:31 +08:00
|
|
|
|
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/dao"
|
2020-11-06 11:30:35 +08:00
|
|
|
|
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
|
|
|
|
|
|
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/firewallconfigs"
|
2023-07-07 09:53:00 +08:00
|
|
|
|
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/regionconfigs"
|
2023-07-07 15:28:29 +08:00
|
|
|
|
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/shared"
|
2020-11-06 11:30:35 +08:00
|
|
|
|
"github.com/iwind/TeaGo/actions"
|
|
|
|
|
|
"github.com/iwind/TeaGo/lists"
|
|
|
|
|
|
"github.com/iwind/TeaGo/maps"
|
|
|
|
|
|
)
|
|
|
|
|
|
|
2020-11-06 11:02:26 +08:00
|
|
|
|
type ProvincesAction struct {
|
|
|
|
|
|
actionutils.ParentAction
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
func (this *ProvincesAction) Init() {
|
|
|
|
|
|
this.Nav("", "", "ipadmin")
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-11-06 11:30:35 +08:00
|
|
|
|
func (this *ProvincesAction) RunGet(params struct {
|
|
|
|
|
|
FirewallPolicyId int64
|
|
|
|
|
|
}) {
|
2020-11-06 11:02:26 +08:00
|
|
|
|
this.Data["subMenuItem"] = "province"
|
2020-11-06 11:30:35 +08:00
|
|
|
|
|
|
|
|
|
|
// 当前选中的省份
|
2020-12-23 09:52:31 +08:00
|
|
|
|
policyConfig, err := dao.SharedHTTPFirewallPolicyDAO.FindEnabledHTTPFirewallPolicyConfig(this.AdminContext(), params.FirewallPolicyId)
|
2020-11-06 11:30:35 +08:00
|
|
|
|
if err != nil {
|
|
|
|
|
|
this.ErrorPage(err)
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
if policyConfig == nil {
|
|
|
|
|
|
this.NotFound("firewallPolicy", params.FirewallPolicyId)
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
2023-07-07 15:28:29 +08:00
|
|
|
|
|
|
|
|
|
|
var deniedProvinceIds = []int64{}
|
|
|
|
|
|
var allowedProvinceIds = []int64{}
|
2020-11-06 11:30:35 +08:00
|
|
|
|
if policyConfig.Inbound != nil && policyConfig.Inbound.Region != nil {
|
2023-07-07 15:28:29 +08:00
|
|
|
|
deniedProvinceIds = policyConfig.Inbound.Region.DenyProvinceIds
|
|
|
|
|
|
allowedProvinceIds = policyConfig.Inbound.Region.AllowProvinceIds
|
2020-11-06 11:30:35 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
2022-08-13 23:55:35 +08:00
|
|
|
|
provincesResp, err := this.RPC().RegionProvinceRPC().FindAllRegionProvincesWithRegionCountryId(this.AdminContext(), &pb.FindAllRegionProvincesWithRegionCountryIdRequest{
|
2023-07-07 09:53:00 +08:00
|
|
|
|
RegionCountryId: regionconfigs.RegionChinaId,
|
2020-11-06 11:30:35 +08:00
|
|
|
|
})
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
this.ErrorPage(err)
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
2023-07-07 15:28:29 +08:00
|
|
|
|
var deniedProvinceMaps = []maps.Map{}
|
|
|
|
|
|
var allowedProvinceMaps = []maps.Map{}
|
2022-01-06 11:13:36 +08:00
|
|
|
|
for _, province := range provincesResp.RegionProvinces {
|
2023-07-07 15:28:29 +08:00
|
|
|
|
var provinceMap = maps.Map{
|
|
|
|
|
|
"id": province.Id,
|
|
|
|
|
|
"name": province.DisplayName,
|
|
|
|
|
|
}
|
|
|
|
|
|
if lists.ContainsInt64(deniedProvinceIds, province.Id) {
|
|
|
|
|
|
deniedProvinceMaps = append(deniedProvinceMaps, provinceMap)
|
|
|
|
|
|
}
|
|
|
|
|
|
if lists.ContainsInt64(allowedProvinceIds, province.Id) {
|
|
|
|
|
|
allowedProvinceMaps = append(allowedProvinceMaps, provinceMap)
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
this.Data["deniedProvinces"] = deniedProvinceMaps
|
|
|
|
|
|
this.Data["allowedProvinces"] = allowedProvinceMaps
|
|
|
|
|
|
|
|
|
|
|
|
// except & only URL Patterns
|
|
|
|
|
|
this.Data["exceptURLPatterns"] = []*shared.URLPattern{}
|
|
|
|
|
|
this.Data["onlyURLPatterns"] = []*shared.URLPattern{}
|
|
|
|
|
|
if policyConfig.Inbound != nil && policyConfig.Inbound.Region != nil {
|
|
|
|
|
|
if len(policyConfig.Inbound.Region.ProvinceExceptURLPatterns) > 0 {
|
|
|
|
|
|
this.Data["exceptURLPatterns"] = policyConfig.Inbound.Region.ProvinceExceptURLPatterns
|
|
|
|
|
|
}
|
|
|
|
|
|
if len(policyConfig.Inbound.Region.ProvinceOnlyURLPatterns) > 0 {
|
|
|
|
|
|
this.Data["onlyURLPatterns"] = policyConfig.Inbound.Region.ProvinceOnlyURLPatterns
|
|
|
|
|
|
}
|
2020-11-06 11:30:35 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
2020-11-06 11:02:26 +08:00
|
|
|
|
this.Show()
|
|
|
|
|
|
}
|
2020-11-06 11:30:35 +08:00
|
|
|
|
|
|
|
|
|
|
func (this *ProvincesAction) RunPost(params struct {
|
|
|
|
|
|
FirewallPolicyId int64
|
2023-07-07 15:28:29 +08:00
|
|
|
|
DenyProvinceIds []int64
|
|
|
|
|
|
AllowProvinceIds []int64
|
|
|
|
|
|
|
|
|
|
|
|
ExceptURLPatternsJSON []byte
|
|
|
|
|
|
OnlyURLPatternsJSON []byte
|
2020-11-06 11:30:35 +08:00
|
|
|
|
|
|
|
|
|
|
Must *actions.Must
|
|
|
|
|
|
}) {
|
2020-11-17 15:41:43 +08:00
|
|
|
|
// 日志
|
2023-06-30 18:08:30 +08:00
|
|
|
|
defer this.CreateLogInfo(codes.WAF_LogUpdateForbiddenProvinces, params.FirewallPolicyId)
|
2020-11-17 15:41:43 +08:00
|
|
|
|
|
2020-12-23 09:52:31 +08:00
|
|
|
|
policyConfig, err := dao.SharedHTTPFirewallPolicyDAO.FindEnabledHTTPFirewallPolicyConfig(this.AdminContext(), params.FirewallPolicyId)
|
2020-11-06 11:30:35 +08:00
|
|
|
|
if err != nil {
|
|
|
|
|
|
this.ErrorPage(err)
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
if policyConfig == nil {
|
|
|
|
|
|
this.NotFound("firewallPolicy", params.FirewallPolicyId)
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if policyConfig.Inbound == nil {
|
|
|
|
|
|
policyConfig.Inbound = &firewallconfigs.HTTPFirewallInboundConfig{IsOn: true}
|
|
|
|
|
|
}
|
|
|
|
|
|
if policyConfig.Inbound.Region == nil {
|
|
|
|
|
|
policyConfig.Inbound.Region = &firewallconfigs.HTTPFirewallRegionConfig{
|
|
|
|
|
|
IsOn: true,
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2023-07-07 15:28:29 +08:00
|
|
|
|
policyConfig.Inbound.Region.DenyProvinceIds = params.DenyProvinceIds
|
|
|
|
|
|
policyConfig.Inbound.Region.AllowProvinceIds = params.AllowProvinceIds
|
|
|
|
|
|
|
|
|
|
|
|
// 例外URL
|
|
|
|
|
|
var exceptURLPatterns = []*shared.URLPattern{}
|
|
|
|
|
|
if len(params.ExceptURLPatternsJSON) > 0 {
|
|
|
|
|
|
err = json.Unmarshal(params.ExceptURLPatternsJSON, &exceptURLPatterns)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
this.Fail("校验例外URL参数失败:" + err.Error())
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
policyConfig.Inbound.Region.ProvinceExceptURLPatterns = exceptURLPatterns
|
|
|
|
|
|
|
|
|
|
|
|
// 限制URL
|
|
|
|
|
|
var onlyURLPatterns = []*shared.URLPattern{}
|
|
|
|
|
|
if len(params.OnlyURLPatternsJSON) > 0 {
|
|
|
|
|
|
err = json.Unmarshal(params.OnlyURLPatternsJSON, &onlyURLPatterns)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
this.Fail("校验限制URL参数失败:" + err.Error())
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
policyConfig.Inbound.Region.ProvinceOnlyURLPatterns = onlyURLPatterns
|
2020-11-06 11:30:35 +08:00
|
|
|
|
|
|
|
|
|
|
inboundJSON, err := json.Marshal(policyConfig.Inbound)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
this.ErrorPage(err)
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
_, err = this.RPC().HTTPFirewallPolicyRPC().UpdateHTTPFirewallInboundConfig(this.AdminContext(), &pb.UpdateHTTPFirewallInboundConfigRequest{
|
2020-12-17 15:50:44 +08:00
|
|
|
|
HttpFirewallPolicyId: params.FirewallPolicyId,
|
|
|
|
|
|
InboundJSON: inboundJSON,
|
2020-11-06 11:30:35 +08:00
|
|
|
|
})
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
this.ErrorPage(err)
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
this.Success()
|
|
|
|
|
|
}
|
